package org.linuxprobe.shiro.security.filter;

import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.Assert;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.linuxprobe.shiro.security.authc.SecurityToken;
import org.linuxprobe.shiro.security.client.Client;
import org.linuxprobe.shiro.security.client.finder.ClientFinder;
import org.linuxprobe.shiro.security.client.finder.DefaultClientFinder;
import org.linuxprobe.shiro.security.session.SessionKeyStore;

/* loaded from: input_file:org/linuxprobe/shiro/security/filter/SecurityFilter.class */
public class SecurityFilter extends AccessControlFilter {
    public static final String name = "security";
    private List<Client<?>> clients;
    private String defaultClient;
    private SessionKeyStore sessionKeyStore;
    private ClientFinder clientFinder = DefaultClientFinder.getInstance();
    private boolean enableSession = true;

    public SecurityFilter(List<Client<?>> list, SessionKeyStore sessionKeyStore) {
        this.clients = list;
        this.sessionKeyStore = sessionKeyStore;
    }

    /* JADX WARN: Type inference failed for: r0v16, types: [org.linuxprobe.shiro.security.profile.SubjectProfile] */
    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) throws Exception {
        boolean z = true;
        Subject subject = getSubject(servletRequest, servletResponse);
        Assert.notNull(this.clients, "clients can not be null");
        Client<?> find = this.clientFinder.find(servletRequest, this.defaultClient, this.clients);
        if (find != null) {
            find.init();
            if (subject.isAuthenticated() && find.lazyVerification()) {
                return true;
            }
            ?? subjectProfile = find.getSubjectProfile(servletRequest);
            if (subjectProfile != 0) {
                if (!find.afterHandle(subjectProfile, servletRequest, servletResponse)) {
                    return false;
                }
                subjectProfile.setClientName(find.getName());
                if (!subject.isAuthenticated()) {
                    subject.login(new SecurityToken(subjectProfile));
                }
                if (this.enableSession) {
                    try {
                        Session session = subject.getSession();
                        if (this.sessionKeyStore != null) {
                            this.sessionKeyStore.addMap(find.getSessionIdKey(servletRequest), session.getId().toString(), session.getTimeout(), TimeUnit.MILLISECONDS);
                        }
                    } catch (Exception e) {
                    }
                }
                z = false;
            }
        }
        return !z;
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
        throw new SecurityException("Unauthorized");
    }

    public List<Client<?>> getClients() {
        return this.clients;
    }

    public String getDefaultClient() {
        return this.defaultClient;
    }

    public SessionKeyStore getSessionKeyStore() {
        return this.sessionKeyStore;
    }

    public ClientFinder getClientFinder() {
        return this.clientFinder;
    }

    public boolean isEnableSession() {
        return this.enableSession;
    }

    public void setClients(List<Client<?>> list) {
        this.clients = list;
    }

    public void setDefaultClient(String str) {
        this.defaultClient = str;
    }

    public void setSessionKeyStore(SessionKeyStore sessionKeyStore) {
        this.sessionKeyStore = sessionKeyStore;
    }

    public void setClientFinder(ClientFinder clientFinder) {
        this.clientFinder = clientFinder;
    }

    public void setEnableSession(boolean z) {
        this.enableSession = z;
    }

    public SecurityFilter() {
    }
}
